		
	Move OMB to a plugin commit 75d21f00246bcc56d7f854936be1e28395e079a2 Merge: cea0199 d594d07 Author: Zach Copley <zach@status.net> Date: Fri Jul 15 11:16:54 2011 -0700 Merge branch 'kill-omb2' of gitorious.org:~zcopley/statusnet/zcopleys-clone into kill-omb2 * 'kill-omb2' of gitorious.org:~zcopley/statusnet/zcopleys-clone: Fix paths Oops, I left out the ability to authorize a token in ApiStatusNetOAuthDataStore Some odds and ends Remove omb stuff from queuemanager defaults Add check to make sure we're not untagging an OMB profile to OMB plugin Move some more subscription stuff and peopletag checks to OMB plugin Move some OMB-specific unsubscribe stuff to OMB plugin Finish removing libomb from core extlibs Fix more conflicts Fix queuing/queuehandling Move some stuff around; fix references Fix conflicts Move OMB-specific files to OMB plugin Move some stuff around; fix references Add OMB plugin README and rm references to OMB in mail StatusNet README Update paths Fix define Basic plugin finished Move OMB-specific files to OMB plugin Remove OMB stuff from router commit cea019967f343042ebaea14b7bbb0d54289bcc1a Author: Zach Copley <zach@status.net> Date: Wed Jul 13 14:38:40 2011 -0700 Fix paths commit d412aa3c0ea0e21e65a72a16c7b9edd64ff373e1 Author: Zach Copley <zach@status.net> Date: Tue Jul 12 18:17:06 2011 -0700 Oops, I left out the ability to authorize a token in ApiStatusNetOAuthDataStore commit b459c9f10ac283d6e774ef13f3293fc8a6948143 Author: Zach Copley <zach@status.net> Date: Wed Jul 6 19:02:08 2011 -0700 Some odds and ends commit 895cfbfce58ffb3a05beebf48a90c549e00f1cce Author: Zach Copley <zach@status.net> Date: Wed Jul 6 19:01:23 2011 -0700 Remove omb stuff from queuemanager defaults commit b41b9e994f291ff83afb2460d9b37aee8ec1ec2b Author: Zach Copley <zach@status.net> Date: Wed Jul 6 18:46:44 2011 -0700 Add check to make sure we're not untagging an OMB profile to OMB plugin commit 94374d26ddd428dac8e4cd4541fd56db748c248b Author: Zach Copley <zach@status.net> 
Date: Wed Jul 6 18:34:20 2011 -0700 Move some more subscription stuff and peopletag checks to OMB plugin commit b91043b7820d5cd8b0ba4e9ee2a9d03c99248f11 Author: Zach Copley <zach@status.net> Date: Wed Jul 6 16:37:25 2011 -0700 Move some OMB-specific unsubscribe stuff to OMB plugin commit d9430fe52975d9497b4a0d3d54da35b222e207ad Author: Zach Copley <zach@status.net> Date: Wed Jul 6 15:26:30 2011 -0700 Finish removing libomb from core extlibs commit bb6257eb85cc7ba392e91468c01503f51faeb989 Author: Zach Copley <zach@status.net> Date: Wed Jul 13 12:47:32 2011 -0700 Fix more conflicts commit 3c760d0a4b4a083ae5fca2530d22aad5f4a9fdae Author: Zach Copley <zach@status.net> Date: Tue Jul 5 15:49:22 2011 -0700 Fix queuing/queuehandling commit ed635fa0c20e150673709c04ecc7f285d12e0ce2 Author: Zach Copley <zach@status.net> Date: Tue Jul 5 15:29:35 2011 -0700 Move some stuff around; fix references commit cbc553a147941cad16e205a6b66ab4b32a5e3d3d Author: Zach Copley <zach@status.net> Date: Wed Jul 13 12:46:05 2011 -0700 Fix conflicts commit 5d77c81f75b57f5d5357d6b46d503650a4b3225d Author: Zach Copley <zach@status.net> Date: Thu Jun 30 19:10:38 2011 -0700 Move OMB-specific files to OMB plugin commit 2ed051dbce0ce9b44723b14922026849c39ed603 Author: Zach Copley <zach@status.net> Date: Tue Jul 5 15:29:35 2011 -0700 Move some stuff around; fix references commit 8809b5e35b1aacb67d70ae3e55a43003b6f591b7 Author: Zach Copley <zach@status.net> Date: Tue Jul 5 15:28:59 2011 -0700 Add OMB plugin README and rm references to OMB in mail StatusNet README commit 35ced4067c1915baca0b3e184f9533a91a951d2d Author: Zach Copley <zach@status.net> Date: Thu Jun 30 23:50:09 2011 -0700 Update paths commit 0ee5bafbce95fc9b8db98c1e828d33d26d08bc73 Author: Zach Copley <zach@status.net> Date: Thu Jun 30 23:38:03 2011 -0700 Fix define commit e309dd22ffb9087d7fcf9180ede4f531dbd88c3c Author: Zach Copley <zach@status.net> Date: Thu Jun 30 23:30:43 2011 -0700 Basic plugin finished commit 
00f1e930f27e080b04d1e82952f7886c84e01d97 Author: Zach Copley <zach@status.net> Date: Thu Jun 30 19:10:38 2011 -0700 Move OMB-specific files to OMB plugin commit 39dcd031a79b49da0b4fe25f1594d2e406b5eb65 Author: Zach Copley <zach@status.net> Date: Thu Jun 30 19:10:01 2011 -0700 Remove OMB stuff from router commit d594d071be1ec42518dd5465db61e01e7e8ec036 Author: Zach Copley <zach@status.net> Date: Wed Jul 13 14:38:40 2011 -0700 Fix paths commit 48c1064b4b50e89cf51d2cab388f708f60601247 Author: Zach Copley <zach@status.net> Date: Tue Jul 12 18:17:06 2011 -0700 Oops, I left out the ability to authorize a token in ApiStatusNetOAuthDataStore commit 1e1168978f38c31dbf0206b3493b2b6dcbe61589 Author: Zach Copley <zach@status.net> Date: Wed Jul 6 19:02:08 2011 -0700 Some odds and ends commit ac43af2b497d8b9286c49a9469a1dff950e41650 Author: Zach Copley <zach@status.net> Date: Wed Jul 6 19:01:23 2011 -0700 Remove omb stuff from queuemanager defaults commit 2471af2f8800515a3db544b3a186a18f3e8a43af Author: Zach Copley <zach@status.net> Date: Wed Jul 6 18:46:44 2011 -0700 Add check to make sure we're not untagging an OMB profile to OMB plugin commit df974646459ac6d5d97a40d008f1aab66f998226 Author: Zach Copley <zach@status.net> Date: Wed Jul 6 18:34:20 2011 -0700 Move some more subscription stuff and peopletag checks to OMB plugin commit 8a1427b759e791c14a7a7a22128ba05f0b4b6d12 Author: Zach Copley <zach@status.net> Date: Wed Jul 6 16:37:25 2011 -0700 Move some OMB-specific unsubscribe stuff to OMB plugin commit bd24220dbb5170af22ea0dea8a3062e6d1aeb6a2 Author: Zach Copley <zach@status.net> Date: Wed Jul 6 15:26:30 2011 -0700 Finish removing libomb from core extlibs commit 4c3c6f1fabb0f2c92635ccc5e8f38db2293f5456 Author: Zach Copley <zach@status.net> Date: Wed Jul 13 12:47:32 2011 -0700 Fix more conflicts commit db44deefd731a412685c5669c4c6fa69833de922 Author: Zach Copley <zach@status.net> Date: Tue Jul 5 15:49:22 2011 -0700 Fix queuing/queuehandling commit 
ea2d84d2f3d518950d3aa1956ddc8f3a25ca55f3 Author: Zach Copley <zach@status.net> Date: Tue Jul 5 15:29:35 2011 -0700 Move some stuff around; fix references commit 8ac3e010444b41bd9a78766f5e37e49dff023b45 Author: Zach Copley <zach@status.net> Date: Wed Jul 13 12:46:05 2011 -0700 Fix conflicts commit 0aad6e10e3637b3189a87b42c24c1d6de1b346bc Author: Zach Copley <zach@status.net> Date: Thu Jun 30 19:10:38 2011 -0700 Move OMB-specific files to OMB plugin commit d982d7076c5cb28c7b8e4b1dde8d07d7e58e278f Author: Zach Copley <zach@status.net> Date: Tue Jul 5 15:29:35 2011 -0700 Move some stuff around; fix references commit 4b9d39c93562ff4c45c37c940013e8b78197dec1 Author: Zach Copley <zach@status.net> Date: Tue Jul 5 15:28:59 2011 -0700 Add OMB plugin README and rm references to OMB in mail StatusNet README commit dab0fb6647a85e6835298496d7127a398b6b9293 Author: Zach Copley <zach@status.net> Date: Thu Jun 30 23:50:09 2011 -0700 Update paths commit 2cb73dac8ad971f1545dcf6ba57746c777e232ef Author: Zach Copley <zach@status.net> Date: Thu Jun 30 23:38:03 2011 -0700 Fix define commit 6f226b18a059f175b1bdd3abcb8cb95eedc22ee7 Author: Zach Copley <zach@status.net> Date: Thu Jun 30 23:30:43 2011 -0700 Basic plugin finished commit 7be304beaa0f39755c3978e0b852fde768950da4 Author: Zach Copley <zach@status.net> Date: Thu Jun 30 19:10:38 2011 -0700 Move OMB-specific files to OMB plugin commit 5b30da01cfa2802d6e7a4a4a4f39b8043c54f472 Author: Zach Copley <zach@status.net> Date: Thu Jun 30 19:10:01 2011 -0700 Remove OMB stuff from router
		
			
				
	
	
		
<?php
/*
 * StatusNet - the distributed open-source microblogging tool
 * Copyright (C) 2008-2011, StatusNet, Inc.
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU Affero General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU Affero General Public License for more details.
 *
 * You should have received a copy of the GNU Affero General Public License
 * along with this program.  If not, see <http://www.gnu.org/licenses/>.
 */

// Direct-access guard: this file is only meant to be loaded by the
// application bootstrap, which defines one of these constants. When neither
// is defined the script was requested directly, so stop before any class
// is declared.
if (!(defined('STATUSNET') || defined('LACONICA'))) {
    exit(1);
}

require_once 'OAuth.php';
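/**
 * OAuth 1.0a data store for the StatusNet API.
 *
 * Implements the OAuthDataStore callbacks (consumer, token and nonce lookup,
 * request/access token issuance) on top of the Consumer, Token, Nonce,
 * Oauth_application, Oauth_application_user and Oauth_token_association
 * data objects.
 *
 * Conventions used throughout this class:
 *  - Token.type:  0 = request token, 1 = access token
 *  - Token.state: 0 = unauthorized, 1 = authorized but not used, 2 = used
 */
class ApiStatusNetOAuthDataStore extends OAuthDataStore
{
    /**
     * Look up an OAuth consumer by its key.
     *
     * The special key 'anonymous' is provisioned on first use: a Consumer
     * row and, if missing, an "anonymous" Oauth_application are created.
     *
     * Security note: the anonymous consumer's secret is set to the consumer
     * key itself, i.e. it is a publicly known value. Requests made with it
     * are therefore protected only by the token secret, and the anonymous
     * application is created with read + write access.
     *
     * @param string $consumerKey consumer key presented by the client
     *
     * @return OAuthConsumer|null the consumer, or null for an unknown key
     */
    public function lookup_consumer($consumerKey)
    {
        $con = Consumer::staticGet('consumer_key', $consumerKey);

        if (!$con) {
            // Only the well-known anonymous consumer is created on demand;
            // any other unknown key is rejected. The comparison is strict so
            // that a non-string key can never be juggled into 'anonymous'.
            if ($consumerKey !== 'anonymous') {
                return null;
            }

            common_debug("API OAuth - creating anonymous consumer");
            $con = new Consumer();
            $con->consumer_key    = $consumerKey;
            $con->consumer_secret = $consumerKey;
            $con->created         = common_sql_now();

            // NOTE(review): serverError() is not defined in this class;
            // confirm the parent provides it and that it does not return,
            // otherwise execution continues with an unsaved consumer.
            $result = $con->insert();
            if (!$result) {
                // TRANS: Server error displayed when trying to create an anonymous OAuth consumer.
                $this->serverError(_('Could not create anonymous consumer.'));
            }

            $app = Oauth_application::getByConsumerKey('anonymous');

            if (!$app) {
                common_debug("API OAuth - creating anonymous application");
                $app               = new Oauth_application();
                $app->owner        = 1; // XXX: What to do here?
                $app->consumer_key = $con->consumer_key;
                $app->name         = 'anonymous';
                $app->icon         = 'default-avatar-stream.png'; // XXX: Fix this!
                $app->description  = "An anonymous application";
                // XXX: allow the user to set the access type when
                // authorizing? Currently we default to r+w for anonymous
                // OAuth client applications
                $app->access_type  = 3; // read + write
                $app->type         = 2; // desktop
                $app->created      = common_sql_now();

                $id = $app->insert();

                if (!$id) {
                    // TRANS: Server error displayed when trying to create an anonymous OAuth application.
                    $this->serverError(_("Could not create anonymous OAuth application."));
                }
            }
        }

        return new OAuthConsumer(
            $con->consumer_key,
            $con->consumer_secret
        );
    }

    /**
     * Find the OAuth application a request token was issued to.
     *
     * @param string $token_key key of the request token
     *
     * @return Oauth_application|null the application, or null when the
     *                                token or the application is unknown
     */
    public function getAppByRequestToken($token_key)
    {
        // Look up the full req token (no consumer constraint)
        $req_token = $this->lookup_token(
            null,
            'request',
            $token_key
        );

        if (empty($req_token)) {
            common_debug("Couldn't get request token from oauth datastore");
            return null;
        }

        // Look up the full Token row to learn its consumer key
        $token = new Token();
        $token->tok = $req_token->key;
        $result = $token->find(true);

        if (empty($result)) {
            common_debug('Couldn\'t find req token in the token table.');
            return null;
        }

        // Look up the app registered for that consumer key
        $app = new Oauth_application();
        $app->consumer_key = $token->consumer_key;
        $result = $app->find(true);

        if (empty($result)) {
            common_debug("Couldn't find the app!");
            return null;
        }

        return $app;
    }

    /**
     * Exchange an authorized request token for an access token.
     *
     * The exchange succeeds only when the request token exists for this
     * consumer, is in state 1 (authorized) and the supplied verifier equals
     * the stored one. If the application already holds an access token for
     * the profile, that token is re-issued instead of creating a new one.
     * In every successful path the request token is marked as used so it
     * cannot be exchanged a second time.
     *
     * NOTE(review): the find / mark-used sequence is not atomic; two
     * concurrent exchanges of the same request token could both pass the
     * state check. Confirm whether the callers serialize these requests.
     *
     * @param OAuthToken    $token    the request token
     * @param OAuthConsumer $consumer the OAuth consumer
     * @param string        $verifier the OAuth 1.0a verifier
     *
     * @return OAuthToken|null the access token, or null when the request
     *                         token is not authorized/verified or no
     *                         application is registered for the consumer
     *
     * @throws Exception when no token association exists or the access
     *                   token cannot be issued or stored
     */
    public function new_access_token($token, $consumer, $verifier)
    {
        // Log identifiers only: the verifier is a credential, and
        // string-casting the token/consumer objects would presumably put
        // their secrets into the debug log as well.
        common_debug(
            sprintf(
                "New access token requested for request token %s, consumer %s",
                $token->key,
                $consumer->key
            ),
            __FILE__
        );

        $rt = new Token();

        $rt->consumer_key = $consumer->key;
        $rt->tok          = $token->key;
        $rt->type         = 0; // request

        $app = Oauth_application::getByConsumerKey($consumer->key);

        // An explicit check instead of assert(): assertions can be disabled
        // in production, and a missing application would leave
        // application_id unset in the Oauth_application_user lookup below.
        if (empty($app)) {
            common_log(
                LOG_ERR,
                sprintf(
                    "API OAuth - No application registered for consumer %s.",
                    $consumer->key
                )
            );
            return null;
        }

        $authorized = $rt->find(true)
            && $rt->state == 1 // authorized
            && $this->verifierMatches($rt->verifier, $verifier);

        if (!$authorized) {
            // the token was not authorized or not verified
            common_log(
                LOG_INFO,
                sprintf(
                    "API OAuth - Attempt to exchange unauthorized or unverified request token %s for an access token.",
                    $rt->tok
                )
            );
            return null;
        }

        common_debug('Request token found.', __FILE__);

        // find the app and profile associated with this token
        $tokenAssoc = Oauth_token_association::staticGet('token', $rt->tok);

        if (!$tokenAssoc) {
            throw new Exception(
                // TRANS: Exception thrown when no token association could be found.
                _('Could not find a profile and application associated with the request token.')
            );
        }

        // Check to see if we have previously issued an access token for
        // this application and profile; if so we can just return the
        // existing access token, so users only have to authorize the app
        // once per machine.
        $appUser = new Oauth_application_user();

        $appUser->application_id = $app->id;
        $appUser->profile_id     = $tokenAssoc->profile_id;

        $result = $appUser->find(true);

        if (empty($result)) {
            common_log(
                LOG_INFO,
                sprintf(
                    "Creating new access token for application %s, profile %s.",
                    $app->id,
                    $tokenAssoc->profile_id
                )
            );

            $at = $this->generateNewAccessToken($consumer, $rt, $verifier);

            // generateNewAccessToken() returns null on a database failure;
            // never dereference it or store a null token for the user.
            if (empty($at)) {
                throw new Exception(
                    // TRANS: Exception thrown when no access token can be issued.
                    _('Could not issue access token.')
                );
            }

            $this->newAppUser($tokenAssoc, $app, $at);

            return new OAuthToken($at->tok, $at->secret);
        }

        common_log(
            LOG_INFO,
            sprintf(
                "Existing access token found for application %s, profile %s.",
                $app->id,
                $tokenAssoc->profile_id
            )
        );

        // Special case: we used to store request tokens in the
        // Oauth_application_user record, and the access_type would
        // always be 0 (no access) as a failsafe until an access
        // token was issued and replaced the request token. There could
        // be a few old Oauth_application_user records storing request
        // tokens still around, and we don't want to accidentally
        // return a useless request token instead of a new access
        // token. So if we find one, we generate a new access token
        // and update the existing Oauth_application_user record before
        // returning the new access token. This should be rare.
        if ($appUser->access_type == 0) {
            $at = $this->generateNewAccessToken($consumer, $rt, $verifier);

            if (empty($at)) {
                throw new Exception(
                    // TRANS: Exception thrown when no access token can be issued.
                    _('Could not issue access token.')
                );
            }

            $this->updateAppUser($appUser, $app, $at);
        } else {
            $at = new Token();

            // fetch the full access token
            $at->consumer_key = $consumer->key;
            $at->tok          = $appUser->token;

            $result = $at->find(true);

            if (!$result) {
                throw new Exception(
                    // TRANS: Exception thrown when no access token can be issued.
                    _('Could not issue access token.')
                );
            }

            // Re-issuing must still consume the request token; otherwise
            // it stays in the authorized state and the same token/verifier
            // pair could be exchanged for the access token again.
            if (!$this->markRequestTokenUsed($rt)) {
                throw new Exception(
                    // TRANS: Exception thrown when no access token can be issued.
                    _('Could not issue access token.')
                );
            }
        }

        // Yay, we can re-issue the access token
        return new OAuthToken($at->tok, $at->secret);
    }

    /**
     * Compare the stored verifier with the one supplied by the client.
     *
     * Both values are compared as strings. A loose == comparison would
     * treat numeric-looking strings as numbers (for example two different
     * hex verifiers of the form "0e<digits>" compare equal), so it must not
     * be used on credentials. hash_equals() is used when available to keep
     * the comparison time independent of the matching prefix.
     *
     * @param mixed $expected verifier stored with the request token
     * @param mixed $supplied verifier sent by the client
     *
     * @return bool true when both verifiers are the same string
     */
    private function verifierMatches($expected, $supplied)
    {
        // Reject arrays/objects outright rather than string-casting them.
        if (!is_null($supplied) && !is_scalar($supplied)) {
            return false;
        }

        $expected = (string) $expected;
        $supplied = (string) $supplied;

        if (function_exists('hash_equals')) {
            return hash_equals($expected, $supplied);
        }

        return $expected === $supplied;
    }

    /**
     * Mark a request token as used (state 2) in the database.
     *
     * @param Token $rt the request token row, as loaded from the database
     *
     * @return bool true when the update succeeded
     */
    private function markRequestTokenUsed($rt)
    {
        $orig_rt   = clone($rt);
        $rt->state = 2; // used

        return (bool) $rt->update($orig_rt);
    }

    /**
     * Generate a new access token and save it to the database
     *
     * On success the request token is marked as used.
     *
     * @param Consumer $consumer the OAuth consumer
     * @param Token    $rt       the authorized request token
     * @param string   $verifier the OAuth 1.0a verifier
     *
     * @access private
     *
     * @return Token|null the new access token, or null when the token could
     *                    not be inserted or the request token not updated
     */
    private function generateNewAccessToken($consumer, $rt, $verifier)
    {
        $at = new Token();

        $at->consumer_key      = $consumer->key;
        $at->tok               = common_good_rand(16);
        $at->secret            = common_good_rand(16);
        $at->type              = 1; // access
        $at->verifier          = $verifier;
        $at->verified_callback = $rt->verified_callback; // 1.0a
        $at->created           = common_sql_now();

        if (!$at->insert()) {
            $e = $at->_lastError;
            common_debug('access token "' . $at->tok . '" not inserted: "' . $e->message . '"', __FILE__);
            return null;
        }

        common_debug('access token "' . $at->tok . '" inserted', __FILE__);

        // burn the old one
        // NOTE(review): if this update fails the access token row inserted
        // above stays in the table although it is never handed out.
        if (!$this->markRequestTokenUsed($rt)) {
            return null;
        }

        common_debug('request token "' . $rt->tok . '" updated', __FILE__);

        return $at;
    }

    /**
     * Add a new app user (Oauth_application_user) record
     *
     * The record inherits the application's access type and stores the
     * access token key.
     *
     * @param Oauth_token_association $tokenAssoc token-to-app association
     * @param Oauth_application       $app        the OAuth client app
     * @param Token                   $at         the access token
     *
     * @access private
     *
     * @return void
     *
     * @throws Exception when the record cannot be inserted
     */
    private function newAppUser($tokenAssoc, $app, $at)
    {
        $appUser = new Oauth_application_user();

        $appUser->profile_id     = $tokenAssoc->profile_id;
        $appUser->application_id = $app->id;
        $appUser->access_type    = $app->access_type;
        $appUser->token          = $at->tok;
        $appUser->created        = common_sql_now();

        if (!$appUser->insert()) {
            common_log_db_error($appUser, 'INSERT', __FILE__);

            throw new Exception(
                // TRANS: Exception thrown when a database error occurs.
                _('Database error inserting OAuth application user.')
            );
        }
    }

    /**
     * Update an existing app user (Oauth_application_user) record
     *
     * Replaces the stored token with the new access token and copies the
     * application's access type onto the record.
     *
     * @param Oauth_application_user $appUser existing app user rec
     * @param Oauth_application      $app     the OAuth client app
     * @param Token                  $at      the access token
     *
     * @access private
     *
     * @return void
     *
     * @throws Exception when the record cannot be updated
     */
    private function updateAppUser($appUser, $app, $at)
    {
        $original = clone($appUser);

        $appUser->access_type = $app->access_type;
        $appUser->token       = $at->tok;

        if (!$appUser->update($original)) {
            common_log_db_error($appUser, 'UPDATE', __FILE__);

            throw new Exception(
                // TRANS: Exception thrown when a database error occurs.
                _('Database error updating OAuth application user.')
            );
        }
    }

    /**
     * Revoke specified access token
     *
     * Revokes the token specified by $token_key by deleting its row.
     * Only tokens whose state is 0 are matched by the lookup.
     * Throws exceptions in case of error.
     *
     * @param string $token_key the token to be revoked
     * @param int    $type      type of token (0 = req, 1 = access)
     *
     * @access public
     *
     * @return void
     *
     * @throws Exception when the token is unknown or cannot be deleted
     */
    public function revoke_token($token_key, $type = 0)
    {
        $rt        = new Token();
        $rt->tok   = $token_key;
        $rt->type  = $type;
        $rt->state = 0;

        if (!$rt->find(true)) {
            // TRANS: Exception thrown when an attempt is made to revoke an unknown token.
            throw new Exception(_('Tried to revoke unknown token.'));
        }

        if (!$rt->delete()) {
            // TRANS: Exception thrown when an attempt is made to remove a revoked token.
            throw new Exception(_('Failed to delete revoked token.'));
        }
    }

    /**
     * Create a new request token. Overridden to support OAuth 1.0a callback
     *
     * The token is stored unauthorized (state 0) together with a verifier
     * that the client must present when exchanging it for an access token.
     *
     * @param OAuthConsumer $consumer the OAuth Consumer for this token
     * @param string        $callback the verified OAuth callback URL,
     *                                or 'oob' for the out-of-band PIN flow
     *
     * @return OAuthToken|null a new unauthorized OAuth request token, or
     *                         null when it could not be stored
     */
    public function new_request_token($consumer, $callback)
    {
        $t = new Token();
        $t->consumer_key = $consumer->key;
        $t->tok = common_good_rand(16);
        $t->secret = common_good_rand(16);
        $t->type = 0; // request
        $t->state = 0; // unauthorized
        $t->verified_callback = $callback;

        if ($callback === 'oob') {
            // Numeric PIN the user types into the client. The range is kept
            // as it was (0..9999999, i.e. up to seven digits, not six).
            // The PIN is a credential, so draw it from the CSPRNG when the
            // runtime has one; mt_rand() output is predictable and is only
            // the fallback for runtimes without random_int().
            $t->verifier = function_exists('random_int')
                ? random_int(0, 9999999)
                : mt_rand(0, 9999999);
        } else {
            $t->verifier = common_good_rand(8);
        }

        $t->created = DB_DataObject_Cast::dateTime();

        if (!$t->insert()) {
            return null;
        }

        return new OAuthToken($t->tok, $t->secret);
    }

    /**
     * Authorize specified OAuth token
     *
     * Moves the unauthorized request token specified by $token_key from
     * state 0 to state 1 (authorized but not used).
     * Throws exceptions in case of error.
     *
     * @param string $token_key The token to be authorized
     *
     * @access public
     *
     * @return void
     *
     * @throws Exception when the token is unknown or cannot be updated
     */
    public function authorize_token($token_key)
    {
        $rt = new Token();
        $rt->tok = $token_key;
        $rt->type = 0; // request
        $rt->state = 0; // unauthorized

        if (!$rt->find(true)) {
            throw new Exception('Tried to authorize unknown token');
        }

        $orig_rt = clone($rt);
        $rt->state = 1; // Authorized but not used

        if (!$rt->update($orig_rt)) {
            throw new Exception('Failed to authorize token');
        }
    }

    /**
     * Check whether a nonce was already used, recording it if it was not.
     *
     * http://oauth.net/core/1.0/#nonce
     * "The Consumer SHALL then generate a Nonce value that is unique for
     * all requests with that timestamp."
     * XXX: It's not clear why the token is here
     *
     * When the nonce is new but cannot be stored, it is reported as already
     * used: a nonce that was not recorded cannot be recognised on a later
     * replay, and a failed insert may also mean a concurrent request stored
     * the same nonce between the lookup and the insert.
     *
     * @param OAuthConsumer $consumer  the OAuth consumer
     * @param OAuthToken    $token     the token of the request (unused)
     * @param string        $nonce     the nonce sent with the request
     * @param int           $timestamp the timestamp sent with the request
     *
     * @return bool true if the nonce must be treated as already used
     */
    public function lookup_nonce($consumer, $token, $nonce, $timestamp)
    {
        $n = new Nonce();
        $n->consumer_key = $consumer->key;
        $n->ts = common_sql_date($timestamp);
        $n->nonce = $nonce;

        if ($n->find(true)) {
            return true;
        }

        $n->created = DB_DataObject_Cast::dateTime();

        if (!$n->insert()) {
            common_log(
                LOG_ERR,
                sprintf(
                    "API OAuth - Could not record nonce for consumer %s; rejecting request.",
                    $consumer->key
                )
            );
            return true;
        }

        return false;
    }

    /**
     * Look up a request or access token by key.
     *
     * @param OAuthConsumer|null $consumer   restrict the lookup to this
     *                                       consumer; null matches any
     * @param string             $token_type 'access' for an access token,
     *                                       anything else for a request token
     * @param string             $token_key  the token key
     *
     * @return OAuthToken|null the token (key and secret), or null if none
     */
    public function lookup_token($consumer, $token_type, $token_key)
    {
        $t = new Token();

        if (!is_null($consumer)) {
            $t->consumer_key = $consumer->key;
        }

        $t->tok = $token_key;
        $t->type = ($token_type === 'access') ? 1 : 0;

        if (!$t->find(true)) {
            return null;
        }

        return new OAuthToken($t->tok, $t->secret);
    }

    /**
     * Fetch the full Token row for a token key, regardless of its type.
     *
     * The returned row includes the token secret and verifier; callers
     * should not expose it beyond the authorization flow.
     *
     * @param string $token_key the token key
     *
     * @return Token|null the token row, or null if none matches
     */
    public function getTokenByKey($token_key)
    {
        $t = new Token();
        $t->tok = $token_key;

        if (!$t->find(true)) {
            return null;
        }

        return $t;
    }
}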